Monday, March 14, 2011

The Irrawaddy Hacked

The hackers who posted two fake articles on the website of The Irrawaddy on Friday deliberately intended to “create confusion and misunderstanding,” and to discredit the news agency, said the senior editor at Thailand-based The Irrawaddy.

The hacker or hackers, whose identify is so far unknown, hijacked the English-language edition of the exile Burmese news group's website on Friday night and posted two false stories, both controversial articles, one intended to sow a misunderstanding between The Irrawaddy and pro-democracy icon Aung San Suu Kyi, and another falsely proclaiming that well-known Burmese pop singer May Sweet had died.

The first fabricated article that was inserted onto the site stated that  Suu Kyi and her party, the National League for Democracy (NLD), were responsible for the recent reduction in funding from international donors to The Irrawaddy and fellow exile news agency Democratic Voice of Burma (DVB).

The Irrawaddy's founder and editor Aung Zaw on Monday said he believed the cyber attack was launched by a pro-military junta group or Naypyidaw's cyber warfare department.

“The intension of the attack is to damage the credibility of The Irrawaddy,” he said.

Over the past year, The Irrawaddy has exposed many illegal activities of the Burmese junta, including the fixing of November's general election, high-level corruption, nepotism, and the release of exclusive photos of secret military missions from Burma to North Korea.

“This is most likely why the junta has assigned technicians to attack our website,” Aung Zaw said.

Win Thu, the office manager of The Irrawaddy, admitted that there is a security weakness on the website and said he was trying to find the best solution to overcome the weakness.

“From the Web Content Management System (WCMS), the intruder posted two stories,” said Win Thu. “It is important to protect ourselves against such an intrusion. We are investigating who the culprits could be. According to the style of the writing, the culprits may be regular readers who know well the style and layout of  The Irrawaddy.”

A WCMS is a system designed to simplify the publication of web content to websites and mobile devices—in particular, allowing content creators to submit content without requiring technical knowledge of HTML or the uploading of files.

Many exile Burmese websites are hacked and defaced by hackers, said an IT expert, though this latest incident indicates that the people hired to do the job are getting more sophisticated in their approach.

“Rather than merely attacking the technical infrastructure of the site, as they have in the past with DDoS [Distributed Denial of Service] attacks, or infecting the servers that host the site with a virus, they may be targeting something more valuable—the news agency's reputation,” he said.

The second false article that was posted on the site carried the byline of Violet Cho, a former reporter for The Irrawaddy who left the company in 2009.

The article, that claimed that Burmese celebrity May Sweet had died, infuriated the singer who, not knowing the site had been hacked, launched an attack against The Irrawaddy on her Facebook account.

“I feel sorry for the persons who were mentioned in the fake articles, including May Sweet,” said Win Thu.

The websites of The Irrawaddy came under attack by a two-gigabyte DDoS in September, which shut down both its English and Burmese online editions. The sites were also disabled in September 2008 by a one-gigabyte DDoS attack.

Source : http://irrawaddy.org/article.php?art_id=20931

0 comments:

Post a Comment